Thousands of WordPress sites have been hacked and compromised with malicious code this month, according to security researchers at Sucuri and Malwarebytes.
All compromises seem to follow a similar pattern –to load malicious code from a known threat actor– although the entry vector for all these incidents appears to be different.
Researchers believe intruders are gaining access to these sites not by exploiting flaws in the WordPress CMS itself, but vulnerabilities in outdated themes and plugins.
When they gain access to a site, they plant a backdoor for future access and make modifications to the site’s code.
In most cases, they modify PHP or JavaScript files to load malicious code, although some users have reported seeing modifications made to database tables as well.
Malwarebytes security researcher Jérôme Segura said this malicious code filters users visiting the compromised sites and redirects some to tech support scams.
While many organizations are guarding the front door with yesterday’s signature-based antivirus (AV) solutions, today’s unknown malware walks out the back door with all their data. What’s the answer? This white paper, “The Rise of Machine Learning…
He says some of the traffic patterns seen during the redirection process match the patterns of a well-known traffic distribution system used by several malware distribution campaigns.
Segura also said that some of tech support scams that users are landing on are using the “evil cursor” Chrome bug to prevent users from closing the malicious site’s tab, a trick that the researcher first spotted last week.
This WordPress site hijacking campaign appears to have started this month, according to Sucuri, and has intensified in recent days, according to Segura.
Googling just one of the pieces of the malicious JavaScript code added to the hacked WordPress sites reveals just a small portion of the total number of hacked sites. In this case, this string search yielded over 2,500 results, including a corporate site belonging to Expedia Group, the parent company behind the Expedia portal.
Last week, ZDNet revealed that attackers had been scanning the Internet in an attempt to exploit a recent vulnerability in a popular WordPress plugin.
While Sucuri did not find confirm that this vulnerability was now being used in this recent wave of site hacks, the company did confirm our initial report, based on WordFence’s telemetry.
As Google makes the big change to mobile-first indexing, it’s important that your site is ready for the shift. Are you fully prepared?
Let’s start at the beginning.
What Is Mobile-First Indexing?
The mobile-first initiative is an effort to address the growing percentage of mobile-users in today’s search landscape.
Back in March, on their Webmaster Central Blog, Google announced that they are rolling out their mobile-first indexing initiative more broadly which is a big change to how Google crawls and indexes your site. The push is on now and Mobile Indexing is being fully implemented.
What’s Changing about Google’s Rankings?
Per Google, “Mobile-first indexing means Google will predominantly use the mobile version of your websites content for indexing and ranking.”
But what does that mean?
Currently, Google crawls and indexes your site based on the desktop version of your site and the content that exists there. With this change, Google will be looking at your mobile site first and the content on that version to determine how your site is ranked.
For example:
Over the course of the last year, Google has been slowly experimenting with a small percentage of sites to make the switch to crawling, indexing, and ultimately ranking sites based on their mobile experience, not their desktop as they always have.
This doesn’t mean your desktop site isn’t important anymore, it just means that they will be looking at it as a secondary source, not the primary one for crawling, indexing, and ranking as it has been in the past. But even if your site is doing well organically, if it’s not responsive (mobile friendly), your ranking will drop substantially. Don’t lose those years of building your search engine position, contact us today.
How Mobile-First Indexing May Impact Your Site
Depending on how you handle mobile, this change may or may not directly affect your site.
If your site is built in responsive design, you will see no impact, as your site adapts to all devices.
If you have a separate m. site (or something similar) and your primary content does not exist on it, then you are at risk of seeing a negative impact as Google will no longer be looking at your desktop version.
If you do not have a mobile site/experience then this change will negatively impact you. Also, it’s 2018: if you don’t have a mobile-friendly site then you have much larger issues that this change.
What Mobile-First Best Practices Can I Follow To Ensure I Maximize My Opportunity?
While there are many things to consider and you should read through the entire list above, two major points are ensuring you have mobile-friendly content and that your site loads as fast as possible. Site speed is becoming an increasingly important ranking factor, which coincides with users’ needs to get everything as quickly and seamlessly as possible. With the rapid adoption of AMP (accelerated mobile pages) and the popularity of Progressive Web Apps (PWA’s) growing, it’s not surprising to see Google pushing site owners in this direction.
How Do I Know If Google is Using Mobile-First Indexing for My Site?
Google will be notifying site owners that their sites are migrating to mobile-first indexing through Search Console. The message will look like this:
So you need to make sure that if you have an m. version of your site, it is verified in Search Console.
You will also see a significant increase in the Smartphone Googlebot crawl rate and Google will show the mobile version of pages in search results and cached pages.
What Do We Think About This?
This is a major change in how Google interacts with our websites and makes sense as more and more traffic continues to move to mobile. While your desktop site will certainly remain important and Google will not be ignoring it, users have been trending towards mobile usage for years and this is the natural progression of our industry.
Companies need to take notice of this change. Thinking mobile-first should not be something that is kicked down the road and moved down on priority lists, from a search perspective this should be top of mind for all organizations large and small.
Should you be concerned? If you haven’t been paying attention to how your site functions on a mobile device, this probably isn’t going to pan out for you. The good news is that all websites are living documents and can be changed and updated. If you are coming in a little late to the game on mobile, then now is the time to improve that experience and ensure your site is set up to provide value to mobile users.
This is yet another banner that Google is waving to signal the importance of your mobile experience. If you have been neglecting it, now is the time to rectify that and putting people and resources behind it.
If you think your site is not mobile friendly or have tested it and know, contact us for advice to bring your website up to speed with the current technologies.
You may have heard the dark web is a place for drug dealers and hitmen. That’s correct, but there’s more to it than that. In this article, find out what is the dark web, how to access it, and what you might find there.
The dark web is a part of the Internet that requires special software to access and is not indexed by search engines. It offers much greater privacy than the widely accessible parts of the World Wide Web.
That privacy also makes the dark web a setting for illegal activity, scams, and offensive content. The high-profile rise and fall of the Silk Road marketplace for illicit drugs is the best-known example of this. But despite the sensational media coverage, few people really understand what the dark web is or how it works. For instance, it might surprise some people to learn that The New York Timesand Facebook both maintain websites on the dark web.
The dark web isn’t “dark” because it’s bad; it’s dark because it’s the only place on the Internet that offers a bit of privacy. In this article, we’ll explain how that works, what actually happens on the dark web, and how you can check it out for yourself.
What is the dark web?
Think of the Internet as divided into three parts: the clearweb, the deep web, and the dark web.
The clearweb is the Internet most of us are familiar with. Its pages are searchable in Google, but it makes up just a small percentage of all the content on the Internet. The deep web comprises the majority of the Internet, but it is not indexed by search engines, it is often password-protected, and therefore it’s not generally accessible. The deep web includes things like financial databases, web archives, and password-protected pages.
The dark web is a small portion of the deep web. It runs on top of existing Internet infrastructure, but it is a parallel web that cannot be accessed without special tools. For this reason the dark web is sometimes referred to as the hidden web.
Websites on the dark web have domains ending in “.onion” and are sometimes known as onion sites. They’re called onion sites because of the kind of encryption technology they use to hide the IP address of the servers that host them. Websites on the dark web mask their data behind multiple layers of encryption (like the layers of an onion), and can only be accessed through the Tor network, which is a network of computers around the world maintained by volunteers. Because the routing is random and the data is encrypted, it’s extremely difficult for anyone to trace any piece of traffic back to its source.
How to access the dark web
Tor is the most popular dark web interface, with millions of users. There are a number of ways to access the Tor network, including via the Tor browser , the operating system Tails, or by installing Tor on your computer. ProtonVPN also provides one-click Tor access through the Tor over VPN feature. From there, you can browse the web normally as well as gain access to highly private and secure onion sites.
Unlike the regular web, however, even after you have connected to the dark web, it isn’t so easy to find websites. Dark web sites use randomly generated domains that aren’t easy to remember. The dark web is also difficult to index, meaning search engines are ineffective. There are a number of link directories, such as The Hidden Wiki, that attempt to catalogue the dark web. But because dark web sites change their domain frequently, you’ll find a lot of dead links. A typical onion site url looks something like this:
http://3g2upl4pq6kufc4m.onion/
Some special onion sites, though, have easy to remember domain names and also SSL encryption (URLs that start with “https” instead of “http”). For example, ProtonMail’s Tor encrypted email site is at https://protonirockerxow.onion while Facebook’s onion site is at https://facebookcorewwwi.onion. You can learn more about these special onion sites here.
What’s on the dark web?
The illicit uses of the dark web are well documented: assassination services, ecommerce sites for buying guns and drugs, and so on. It’s best to stay clear of anything that seems suspect while browsing there. However, there are plenty of 100% legal things you can do on the dark web. You can read ProPublica or The New York Times, check your email in ProtonMail, or browse your Facebook wall. All of these mainstream websites offer dark web access because of the benefits to privacy and freedom of information.
One of the biggest advantages of the dark web is the difficulty of blocking it. Common forms of censorship, which block traffic to websites at specific choke points along the Internet hierarchy, do not work with encrypted overlay networks. (As a result, some dictators have, for example, tried to block Tor itself.)
For similar reasons, the dark web is more resistant to surveillance by governments and corporations (such as Internet service providers). Whistleblowers, journalists, and other professionals at risk of targeted surveillance use the dark web to communicate sensitive information. And organizations including Human Rights Watch and the Electronic Frontier Foundation support the use of and access to the dark web.
One of the only drawbacks of the dark web is its speed. For instance, because Tor bounces your traffic through multiple servers around the world, it necessarily slows your connection. But when you need it, the dark web can be vitally important: When Turkey temporarily blocked ProtonMail for some users, our onion site was one of the only ways people could gain access to email.
So, there’s no reason to be afraid of the dark web. On the contrary, the dark web is an essential privacy tool. As governments work to weaken encryption with backdoors and corporations gain greater access to everything we do, privacy and security technologies like the dark web must be vigorously defended. And that starts with understanding them beyond sensational headlines.
ProtonMail and ProtonVPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan or donate. Thank you for your support!
It’s easy to imagine a world in which “Alexa” is synonymous with talking computers, or Echo with smart speakers—just as Kleenex is synonymous with facial tissue, Xerox with copy machines, or Google with online search. (These are called genericized trademarks, or proprietary eponyms, by the way. They need a better name.)
That’s almost the world we live in today, thanks to the dramatic early success of Amazon’s pioneering smart speaker and the surprisingly capable digital assistant that animates it. Almost, but not quite.
It’s true that voice-powered smart speakers are on the path to ubiquity: Analysts predict that most U.S. households will eventually have one. But at a time when sales are booming around the world, it’s becoming clear that Amazon’s first-mover advantage wasn’t built to last.
While there are no official sales figures, mounting evidence suggests that Echo devices have been losing ground in the past year to competitors on multiple fronts. Assemble the pieces from an array of market-research reports with different methodologies, and the picture is that of a rapidly shifting landscape in which no single company is likely to dominate long-term—but if anyone does, it might be Google. That matters not only to industry watchers and investors but to anyone who cares about the business models and privacy practices of the tech goliaths that mediate what we say, learn, buy, and do.
Amazon, Google, and Apple don’t report sales of the Echo, Home, or HomePod, respectively, preferring to shelter them from investor scrutiny by lumping them into categories such as “Other Products” when they report earnings. What we know of their sales, then, comes largely from third-party market-research firms, plus tidbits and hints that the companies occasionally drop. The market-research firms’ estimates can vary, sometimes widely, based on their methodology.
With that caveat aside, a consensus has emerged on the broad trends. Here are three of the big ones:
• Google Home devices are rapidly catching up to Amazon Echo devices in worldwide sales and may have already surpassed them.
• Apple’s HomePod isn’t selling as poorly as some initial reports suggested, and Samsung just launched its own smart speaker.
• China is the fastest-growing market for smart speakers, and neither Amazon nor Google is a significant player there.
The common thread: Alexa is losing its edge. And the obvious question: What happened?
As recently as a year ago, Amazon single-handedly controlled the global smart speaker industry, with a market share upward of 75 percent, according to estimates from two of the leading market watchers, Strategy Analytics and Canalys, based in Singapore. Amazon itself boasted in a February earnings report that it had sold “tens of millions” of Echo devices in 2017. That figure included not only its flagship Echo smart speaker but the Echo Dot, Echo Show, and other Echos, the company clarified to me (though not other Alexa-powered gizmos, such as the Tap or Fire TV). It makes sense that Amazon was crushing the competition because there wasn’t much competition yet: Google had just launched the Home in late 2016, and Apple’s HomePod was not yet on the market. The Echo has been available since 2014.
Would-be rivals faced an uphill struggle. Amazon’s head start in smart speakers resembled the daunting leads that Apple famously built in portable MP3 players, smartphones, and tablets. But Apple’s high prices at least gave competitors an opening to build cheaper alternatives for the mass market. Not so with Amazon. Because it viewed Echo partly as a path to Amazon purchases, the company sold its smart speakers at affordable prices, opting to maximize sales rather than profit margins. How could latecomers compete?
As recently as a year ago, Amazon single-handedly controlled the global smart speaker market, with a market share upward of 75percent.
Yet visions of an Amazon smart speaker monopoly faded faster than almost anyone expected. Google, in particular, has been catching up in a hurry. That could be partly because its Assistant is “smarter” than Alexa, by some metrics. But the Echo is more capable in other respects, and it continues to be a top-rated device in the category.
Analysts say the secrets to Google’s success lie elsewhere. A big-budget marketing blitz, an aggressive push to partner with retailers and makers of smart home gadgets, and the company’s reputation for answering search questions got it off to a good start. It didn’t hurt that the company was also pushing the Google Assistant—its equivalent of Alexa—onto hundreds of millions of Android devices. Perhaps most importantly, Google has experience, partners, and language capabilities in overseas markets where Amazon is less established.
Oh, and perhaps you’ve heard that brick-and-mortar retailers aren’t big Amazon fans. “Retailers are more open to the idea of arranging Google’s smart speakers because Google isn’t seen as such a direct competitor,” said Vincent Thielke, research analyst for Canalys.
By early this year, according to multiple industry reports, the tide was turning in Google’s favor. One firm, Strategy Analytics, estimated this month that Amazon’s global market share dipped from 76 percent to 41 percent over the past year, with Google’s rising to 28 percent. The firm projects Google’s smart speaker sales to surpass Amazon’s by 2020, said Bill Ablondi, director of smart home strategies.
It’s worth noting that Canalys counts devices shipped to retailers, even if they haven’t yet been purchased by consumers. Canalys derives its estimates partly from suppliers, vendors, and other third parties, while Strategy Analytics relies on sources within the companies that make them. A third report, from the news and research site Voicebot, used consumer surveys to estimate how many users each firm’s smart speakers have. It found that 62 percent of U.S. smart speaker owners had an Amazon Echo, while 27 percent had a Google Home, as of May. That methodology favors Amazon by counting devices purchased in the past. But even there, Google was rapidly gaining ground, tripling its market share in the first half of 2018.
While Google appears to be beating Amazon at its own game, Apple is playing a different one. Its HomePod starts at a cool $350, compared to $100 for a Home and $85 for an Echo, and aims at audiophiles with the promise of hi-fi sound quality. Early reports of lackluster HomePod sales have dampened enthusiasm, but both Voicebot and Strategy Analytics said it’s too soon to write off Apple as a serious competitor. The former put Apple’s second-quarter market share at 6 percent, enough to dent both Amazon and Google’s growth.
More competitors are looming: Electronics giant Samsung has just launched its Galaxy Home smart speaker, and a bevy of audio companies are gradually getting in on the game. Meanwhile, smart displays are emerging as an alternative to audio-only speakers, and Facebook is working on a device called Portal that could focus on video calling.
In the long run, though, it isn’t just Silicon Valley that threatens Amazon’s smart speaker lead. It’s China.
A year ago, pundits were wondering why smart speakers weren’t catching on in China. No one’s wondering that anymore: It is by all accounts the fastest-growing market for smart speakers. And virtually none of that growth is going to Amazon or its U.S. rivals, which don’t offer Chinese-language versions. It’s going instead to Chinese giants such as Alibaba, Xiaomi, and Baidu, which are pumping out smart speakers that go for a fraction of the price of the Echo or Home. These aren’t just cheap knockoffs, either. At CES this year, Baidu showed off high-concept smart speakers that look like lamps, ceiling lights, or even a colorful stack of blocks. Amazon and Google’s devices look outdated by comparison.
The smart speaker wars aren’t just an industry story. Yes, these firms are vying for slices of a sales pie that could top $23 billion by 2023, according to Strategy Analytics (or $30 billion by 2024, according to Global Market Insights). But smart speakers, like smartphones, aren’t just about the hardware. They’re about the platform that powers them—in this case, the voice A.I.—and how it shapes users’ behavior.
When you buy an Echo, you’re paying Amazon $85 today. But it also gives you a strong incentive to pay it $120 a year for Amazon Prime, and perhaps another $80 per year for Amazon Music Unlimited. On top of that, it makes it very easy to buy things on Amazon and plays nicely with other Alexa devices like the Fire TV.
Purchase a Google Home, on the other hand, and it will fit right in with Chromecast, YouTube, your Gmail and Google Calendar, and the Google Assistant on your Android device. A HomePod will deepen your relationship with Siri and iTunes, and so forth.
And all the time, whichever A.I. assistant you choose will be getting to know you intimately—not just your voice and your way of speaking, but your habits and preferences. In a blog post this week, Google vice president of engineering, Scott Huffman, reported that queries of Google Assistant tend to be action-oriented, like “Turn on the lights and play some music” or “Create an appointment for noon on Saturday.” Google, whose business revolves around targeted advertising, already knows what we’re searching for on the web and what we’re doing on our Android phones. It would love to know what we’re up to in our kitchens and living rooms too.
So an Echo-filled world would expand Amazon’s retail empire; a Home-filled world would broaden Google’s surveillance network and feed its A.I.; a world of HomePods would keep people ensconced in Apple’s ecosystem (especially if they’re well-off). And one shudders to think what a world of Facebook Portals might do. (Rumor has it the company delayed the device’s launch due to the Cambridge Analytica scandal.) The only darker scenario might be one in which the censorship-friendly Chinese tech companies ultimately prevail.
That Amazon no longer looks poised to monopolize smart speakers might reassure critics wary of its online retail dominance. But the prospect of Google’s dominance should give privacy advocates pause. What we have for now, thankfully, is a hotly competitive industry—the kind that is unlikely to give rise to any proprietary eponyms at all.
How to Get The Most Out of Your Restaurant Email Newsletter
A compelling email newsletter can be a very powerful tool for restaurants. They can inform customers about latest dishes and events and promote a restaurant’s unique personality to differentiate from other restaurants. But how can you ensure that you are creating an effective newsletter?
Vibrant images and calls-to-action
You have a sizeable customer email list and are reaching out to your customers on a regular basis. Now what? How do you ensure that your newsletter stands out from the other newsletters your customers receive on a daily basis? Having a vibrant image and a convincing call-to-action can help give your newsletter that edge!
You can start by including eye-catching photos that will draw their attention. Try including an image of your latest dish. Think of a vibrant color/image as one which stands out from the background and would draw someone’s attention almost immediately. The image should also match either your restaurant or newsletter’s content so it remains relevant and cohesive. An example of such an image is:
Banko Cantina chose this image for the restaurant’s all-you-can-eat tacos on Taco Tuesday special. (Source: Banko Catina)
Once you have picked an image, are your email newsletters actually bringing customers back to your restaurant? Are you engaging your customers with content that leaves them wanting to do something about it? Ensuring that your email newsletter is effective in bringing customers back through an exciting and convincing call-to-action is the next important step in promoting your business.
Start with the most important information. For example, if there’s an upcoming special or event on Tuesday night, state all the details pertaining to it. This should include the date, time, and specials your customer will get from attending. A good subject title would be, “Enjoy $1 tacos this Taco Tuesday!” This title works because it’s personal, direct, and simple. Exactly what a customer wants. You are also being explicit in the benefit your customer will get for going to your restaurant on Tuesday.
Customers want to feel special. Personalized and exclusive offers given to them because they are on your mailing list will make them feel that way. This gives them a feeling of being rewarded while also making it easier for you to track the results of your marketing campaign. It’s a win-win!
Great content
Still, some people receive hundreds of emails a day. How do you stand out? There are some general rules of thumb to ensure that your communication doesn’t get lost on its way to a customer.
Start with a click-worthy subject line. Be sure to keep it short, sweet and enticing. You have about 5 seconds to grab their attention, so make it count!
Sometimes a restaurant email newsletter promotes more than just specials, it’s a reminder of how great your restaurant is to customers who haven’t visited in awhile. Spreading the word about an update in your menu or changes to your restaurant’s look will encourage them to come back. You can also highlight positive reviews of your restaurant such as a favorable quote from a recent customer. This reinforces that same feeling amongst other customers, encouraging them to write their own positive review or even just to return to your restaurant. Following these steps ultimately helps in the reputation management of your restaurant.
Lastly, don’t forget to make the newsletter personal. If you have their names, include them. Adding a personal touch to your newsletters will make customers feel special and more inclined to go back to your restaurant.
A great example would be “Happy Hump Day, Alex! Next drink on us.” It’s personal, direct and simple, and your customer is incentivized to click on it.
Using the proper tools
Knowing what to include in a newsletter is only half the battle; doing it on a regular basis is what can really save you time.
Entrepreneur Magazine noted that many companies are seeing open rates on their newsletters as low as 5 percent. However, if you are able to leverage marketing automation with the right tools, you will be left with more time to think about the content of your newsletter and execute it effectively.
An automated marketing platform not only helps you easily build your email marketing database, but it can help create and schedule your emails both simply and automatically. Zenreach is an example of such a platform.
Not only does Zenreach let your customers sign into your portal and receive a customized WiFi experience, it allows them to participate in your restaurant’s special offers and deals.
Still not convinced? Sign up for a free Zenreach trial today and see how a marketing automation platform can grow your business in just 30 days!
Spearhead Multimedia and Zenreach make it easy! Try It Today
The Data Transfer Project is a new team-up between tech giants to let you move your content, contacts, and more across apps. Founded by Facebook, Google, Twitter, and Microsoft, the DTP today revealed its plans for an open source data portability platform any online service can join. While many companies already let you download your information, that’s not very helpful if you can’t easily upload and use it elsewhere — whether you want to evacuate a social network you hate, back up your data somewhere different, or bring your digital identity along when you try a new app. The DTP’s tool isn’t ready for use yet, but the group today laid out a white paper for how it will work.
Creating an industry standard for data portability could force companies to compete on utility instead of being protected by data lock-in that traps users because it’s tough to switch services. The DTP could potentially offer a solution to a major problem with social networks I detailed in April: you can’t find your friends from one app on another. We’ve asked Facebook for details on if and how you’ll be able to transfer your social connections and friends’ contact info which it’s historically hoarded.
From porting playlists in music streaming services to health data from fitness trackers to our reams of photos and videos, the DTP could be a boon for startups. Incumbent tech giants maintain a huge advantage in popularizing new functionality because they instantly interoperate with a user’s existing data rather than making them start from scratch. Even if a social networking startup builds a better location sharing feature, personalized avatar, or payment system, it might be a lot easier to use Facebook’s clone of it because that’s where your profile, friends, and photos live.
If the DTP gains industry-wide momentum and its founding partners cooperate in good faith rather than at some bare minimum level of involvement, it could lower the barrier for people to experiment with new apps. Meanwhile, the tech giants could argue that the government shouldn’t step in to regulate them or break them up because DTP means users are free to choose whichever app best competes for their data and attention.
Like so many other Android users, I rely on Messages for Android — Google’s text messaging application — every day. It’s my main means of communication with the people I care about most.
So I was pretty excited to hear that Messages for Android now has its own web client, accessible from any web browser. It’s called Messages for web, naturally:
Google
In short, Messages for web lets Android users text message seamlessly from any computer with a web browser. It’s super easy to set up, and even syncs in real time between phone and computer.
I’ve been using it for nearly a week at this point, and it’s fundamentally changed how I communicate.
Here’s why:
First, setting it up: It’s a snap!
Ben Gilbert / Business Insider / Google
Here’s how you set up Android text messaging on the web:
Step 1: Open Messages on your (Android) phone. Step 2: Tap the three dots in the upper right corner, and select “Messages for web.” Step 3: Navigate to the Messages for website on your favorite web browser. Step 4: Scan the QR code using your phone.
And you’re in.
If you want the computer you’re using to remember your phone, there’s an option to select that from the web browser window.
If you’re not seeing the Messages for web option in Messages just yet, check back in a few days — Google is rolling out the update over time.
I’ve stopped knee-jerk responding to every text message buzz in my pocket.
I’ve begun ignoring the buzzes in my pocket, and it’s been a massive relief.
As someone who spends most of my time at a computer, I feel especially silly holding up a smartphone screen in front of that computer.
Eventually, I click over to the Messages for web tab in my browser and see what I’ve been missing: group texts with friends to get back to, messages from my partner, an alert from Verizon that my autopay went through successfully.
Important stuff, no doubt, but stuff that doesn’t require an immediate, “Stop everything!” response. Instead, I ignore the buzzes, find a natural end point to whatever I’m doing, then catch up on messages I’ve been missing.
It’s a subtle change with massive implications — I’ve been knee-jerk responding to text message pocket vibrations for over 10 years now.
But there’s something about having all my text messages in a browser window, waiting for me, that changed how I look at them: They’re just instant message windows now, nothing more than the AOL Instant Messengers and Facebook Messengers of the world.
It’s obvious, I realize. They’re all just messaging software in the broadest sense. But text messages have maintained the top spot in my personal hierarchy of prioritization. Messages for web is helping me put the space between myself and text messages that I didn’t even realize I needed.
Not having to switch between phone and computer while working is a huge time saver.
Since I write about technology at a major publication in 2018, I use a MacBook Air with my phone sitting next to it. I don’t wear a name tag.Jacques Brinon/AP Images
Switching between a phone and a keyboard is massively disruptive. Moreover, as stated previously, it makes me feel ridiculous to pick up a smartphone solely for one type of messaging while I’m sitting at a powerful computer.
Having Messages for web makes text message communication a part of my workflow.
I’m free to ignore the buzzes in my pocket specifically because I know the messages they represent are easily tackled in a browser tab. Why bother looking?
Messages for web seamlessly syncs between phone and computer, instantly.
If someone sends you media, you can download it locally to your computer (and vice versa — it’s super easy to send your friends all the dumb GIFs you found before they woke up).
Messages for web works exactly as well as Google’s many other excellent services, like Google Docs, Calendar, Mail, and Keep. It is genuinely impressive how quick and easy it is to use Messages for web.
And yes, you can text message anyone with Messages for web, just like you would with your phone normally. It actually uses your phone to send the messages — there’s no way to use Messages for web without your phone close by.
Of all the hotly anticipated new smartphones still set to be released over the course of 2018, Google’s Pixel 3 and Pixel 3 XL are the furthest from becoming a reality. The LG G7 ThinQ and HTC U12+ are both in the process of rolling out now, and Motorola has some launches coming soon as well. Then the next big phone reveal will be Samsung’s Galaxy Note 9, which will be followed by the even more eagerly anticipated release of Apple’s 2018 iPhone lineup. There, we’ll likely see three new iPhone X successors launch, including an “iPhone X 2,” a larger “iPhone X Plus” with a 6.5-inch OLED display, and a new mid-range model with the iPhone X’s design but a much lower price point. That third new iPhone model, which will reportedly feature a 6.1-inch LCD screen, will likely be Apple’s most popular new iPhone in 2018 thanks to the new, lower price tag.
Finally, after all that is said and done, Google is expected to release its new Pixel 3 and Pixel 3 XL sometime in October 2018. They won’t be the best-selling Android smartphones of the year — not by a long shot. But Google’s new Pixel phones are always the choice of hardcore Android fans who want a pure Android experience and instant access to big Android software updates the moment they’re released.
2018 is shaping up to be a somewhat controversial year for Google’s Pixel lineup since the larger and more desirable Pixel 3 XL is expected to copy the iPhone X’s notch design, and hardcore Android fans inherently hate anything and everything Apple does. Luckily for Android fanboys, however, Google likely has a solution in store to appease them, and we might have just gotten our first look at that solution in action thanks to a recent leak.
Earlier this week, the world may have gotten its first taste at the designs Google plans to use on its upcoming Pixel 3 and Pixel 3 XL flagship smartphones. That taste came courtesy of a photo that purportedly showed two screen protectors, one for the upcoming Pixel 3 and a second for the larger Pixel 3 XL phablet. Now, seeing screen protectors obviously isn’t the same as seeing the phones themselves, but if they’re genuine they do show us the design Google plans to use on its new Pixel phones. Here’s that leaked image, in case you missed it the first time around:
As you can see, the screen protectors indicate that Google plans to decrease the size of the bezels on its new Pixel 3 lineup this year. Both new models will still have a “chin” bezel below the displays, and the smaller Pixel 3 will also apparently have a somewhat large bezel above the screen. But the bigger Pixel 3 XL design shown in this leak uses Apple’s iPhone X notch design at the top of the screen in order to maximize display real estate.
Again, there’s no way at the moment to confirm that this design is accurate. That said, it wouldn’t come as much of a surprise. So many Android phones have copied Apple’s notch that Google actually baked notch support right into Android P, the company’s big 2018 update set to be released later this year. Pixel phones are always a showcase of the latest and greatest Android features, so it stands to reason that Google would want to showcase the notch on at least one of its 2018 Pixel phones.
Based on the leak above, a cell phone blog cooked up renders of what Google’s new Pixel 3 and Pixel 3 XL should look like when they launch. There’s a very good chance that those renders will end up being our first look at Google’s new Pixel 3 and Pixel 3 XL designs, though we obviously cannot confirm that for the time being. We showed you the renders on Tuesday, but here’s another look:
The smaller Pixel 3 has a design that is somewhat dated thanks to those big bezels above and below the screen, but the Pixel 3 XL looks just as sleek as any other recent Android flagship phone. It does clone the iPhone X’s notch though, which is something that hardcore Android fans haven’t been happy about with regard to all the other recent phones that copy Apple’s design. Of course, many of those phones also offer a related feature that Apple does not: The ability to hide the notch.
Phones like the LG G7 ThinQ and OnePlus 6 include a setting in the phone’s software to hide the notch by making the background black. Then, only status bar icons and notification icons are displayed on either side of the notch. There’s a very good chance that Google will offer this option as well, and now a Reddit user named “fondantsnail” has created a Pixel 3 XL render that shows us what the phone might look like with the notch hidden:
The render on the left shows us Google’s rumored Pixel 3 XL design with the notch enabled in the phone’s software. Then on the right, we can see what the phone might look like with the notch hidden in the software. Will this be enough to appease Android fans who inherently hate anything that even resembles an Apple product? Only time will tell, but our guess is they’ll happily look past the iPhone X’s notch at the top of the Pixel 3 XL’s screen in order to get their hands on the latest and greatest Google phone.
In the wake of Google’s removal of the ‘view image’ button, contributor Anthony Muller polled top news and entertainment sites to share their Google image traffic data. The results? Overwhelmingly positive — image search is back.
Image search engine optimization (SEO) is the practice of optimizing attributes associated with images.
The file size, file name, alt attributes, captions, XML sitemap inclusion and structured data on images all play a role in the visibility of images within search engines.
These declines were even more drastic for large enterprise-level brands that had spent considerable effort optimizing their image catalogs, content management system (CMS), captions and eXtensible markup language (XML) sitemaps for the search engines.
This decline was due to searchers who clicked “view image” being sent to a page with only the image asset and not to the site hosting or licensing the image when using Google image search.
Getty bites back
Approximately three years after Google added the “view image” button, Getty images filed an anti-competition complaint with the European Commission (EC) against the search giant. The gist of the complaint was that Google was using Getty images in a way that was diverting users from Getty’s website.
Fast forward to February 14, 2018 (Valentine’s Day), and it appears that Google blinked.
Google had reversed their stance and as of February 15, 2018, removed the “view image” button. A message from Google SearchLiaison tweeted confirmation that these changes (view images) came about due to the settlement with Getty Images.
Image SEO rises again
It has been fewer than 90 days since Google made the change, and I was chomping at the bit to see just how immediate the effects would be. I reached out to a number of different properties across different worldwide verticals and asked them to share their Google image traffic data.
The response to my data requests was very positive. Overall, I compiled the percentage increases from 58 different properties worldwide.
These increases were from Google images pre- and post-February 14, 2018. All sites fell into one of three different verticals, entertainment, photography and news, with a large majority being news-oriented. All sites surveyed have significantly large catalogs of images (over 100,000).
Since the only number reported from all sites was a percentage increase in image traffic from Google, it was the only number I could properly find the mean increase for at this time.
The overall data from the 58 different sites, shows an average of a 37 percent increase in clicks from Google image search.
In the image traffic data below, we can see how a single enterprise-sized entertainment site with millions of images spiked for approximately an additional 600,000 visitors from Google images every month. While this was on the higher end of the mean increase, the 47 percent seen below is pretty indicative of how most saw their traffic increase post-Valentine’s Day, with some variations.
Take note of how the impressions and position remain relatively unchanged, while the click-through rate (CTR) and clicks spike:
Some properties were generous enough to go on the record with the increases they have witnessed.
Dylan Howell from Stocksy.com reports on their Google traffic on over 1 million images after the change:
From recent data, we can see that this change greatly improved the rate of viewers visiting our site from these (image) results pages. The number of clicks from these pages to our site increased by over 50 percent from previous levels.
Serban Enache, CEO of Dreamstime, reports that his company’s traffic from Google images increased by approximately 30 percent to their catalog of 75 million images. He added:
We also saw a 10 percent increase in conversions, so this traffic previously downloaded images from Google Images. Since they purchased a commercial license afterwards, we can safely assume their past downloads were copyright infringements.
Both Stocksy and Dreamstime commented that the changes were “positive” for both site owners and photographers. As a content creator and a firsthand witness to the traffic devastation for some clients, I wholeheartedly agree with them.
Some users of image search were surprisingly upset at the change and within a week, Chrome extensions were popping up in the Chrome web store which promised to return the “view image” functionality for those who want it. I don’t quite understand the need for the button, since right-click functionality still exists to open images in a new tab, but I guess I am just old-school.
Can what was lost be fully regained?
If many sites lost 70 percent of their image search traffic in 2013, why aren’t we seeing similar increases? It is anyone’s guess, but could be, in part, from other engines (Bing, DuckDuckGo) still using the “view image” functionality. From Duck Duck Go:
In addition, I have seen a reluctance from many clients to spend resources on image optimization post-2013. They just didn’t feel that the benefit or traffic would be worth the resource cost. This lack of attention or resources placed into image optimization could have stunted the rebound as well.
One thing is for certain. It is time to reprioritize image SEO in-house or for clients taking a lackadaisical approach to optimizing images in the wake of the 2013 Google change. The upside will be far greater for those who are already poised to benefit from the changes.
This is a concise, simple explanation of GDPR brought to you by Syed Balkhi and his Editorial Staff of WordPress experts.
Are you confused by GDPR, and how it will impact your WordPress site? GDPR, short for General Data Protection Regulation, is a European Union law that you have likely heard about. We have received dozens of emails from users asking us to explain GDPR in plain English and share tips on how to make your WordPress site GDPR compliant. In this article, we will explain everything you need to know about GDPR and WordPress (without the complex legal stuff).
Disclaimer: We are not lawyers. Nothing on this website should be considered legal advice.
To help you easily navigate through our ultimate guide to WordPress and GDPR Compliance, we have created a table of content below:
The General Data Protection Regulation (GDPR) is a European Union (EU) law taking effect on May 25, 2018. The goal of GDPR is to give EU citizens control over their personal data and change the data privacy approach of organizations across the world.
You’ve likely gotten dozens of emails from companies like Google and others regarding GDPR, their new privacy policy, and bunch of other legal stuff. That’s because the EU has put in hefty penalties for those who are not in compliance.
Fines
Basically after May 25th, 2018, businesses that are not in compliance with GDPR’s requirement can face large fines up to 4% of a company’s annual global revenue OR €20 million (whichever is greater). This is enough reason to cause wide-spread panic among businesses around the world.
This brings us to the big question that you might be thinking about:
Does GDPR apply to my WordPress site?
The answer is YES. It applies to every business, large and small, around the world (not just in the European Union).
If your website has visitors from European Union countries, then this law applies to you.
But don’t panic, this isn’t the end of the world.
While GDPR has the potential to escalate to those high level of fines, it will start with a warning, then a reprimand, then a suspension of data processing, and if you continue to violate the law, then the large fines will hit.
The EU isn’t some evil government that is out to get you. Their goal is to protect consumers, average people like you and me from reckless handling of data / breaches because it’s getting out of control.
The maximum fine part in our opinion is largely to get the attention of large companies like Facebook and Google, so this regulation is NOT ignored. Furthermore, this encourage companies to actually put more emphasis on protecting the rights of people.
Once you understand what is required by GDPR and the spirit of the law, then you will realize that none of this is too crazy. We will also share tools / tips to make your WordPress site GDPR compliant.
What is required under GDPR?
The goal of GDPR is to protect user’s personally identifying information (PII) and hold businesses to a higher standard when it comes to how they collect, store, and use this data.
The personal data includes: name, emails, physical address, IP address, health information, income, etc.
While the GDPR regulation is 200 pages long, here are the most important pillars that you need to know:
Explicit Consent – if you’re collecting personal data from an EU resident, then you must obtain explicit consent that’s specific and unambiguous. In other words, you can’t just send unsolicited emails to people who gave you their business card or filled out your website contact form because they DID NOT opt-in for your marketing newsletter (that’s called SPAM by the way, and you shouldn’t be doing that anyways).
For it to be considered explicit consent, you must require a positive opt-in (i.e no pre-ticked checkbox), contain clear wording (no legalese), and be separate from other terms & conditions.
Rights to Data – you must inform individuals where, why, and how their data is processed / stored. An individual has the right to download their personal data and an individual also has the right to be forgotten meaning they can ask for their data to be deleted.
This will make sure that when you hit Unsubscribe or ask companies to delete your profile, then they actually do that (hmm, go figure). I’m looking at you Zenefits, still waiting for my account to be deleted for 2 years and hoping that you stop sending me spam emails just because I made the mistake of trying out your service.
Breach Notification – organizations must report certain types of data breaches to relevant authorities within 72 hours, unless the breach is considered harmless and poses no risk to individual data. However if a breach is high-risk, then the company MUST also inform individuals who’re impacted right away.
This will hopefully prevent cover-ups like Yahoo that was not revealed until the acquisition.
Data Protection Officers – if you are a public company or process large amounts of personal information, then you must appoint a data protection officer. Again this is not required for small businesses. Consult an attorney if you’re in doubt.
To put it in plain English, GDPR makes sure that businesses can’t go around spamming people by sending emails they didn’t ask for. Businesses can’t sell people’s data without their explicit consent (good luck getting this consent). Businesses have to delete user’s account and unsubscribe them from email lists if the user asks you to do that. Businesses have to report data breaches and overall be better about data protection.
Sounds pretty good, in theory at least.
Ok so now you are probably wondering what do you need to do to make sure that your WordPress site is GDPR compliant.
Well, that really depends on your specific website (more on this later).
Let us start by answering the biggest question that we’ve gotten from users:
Is WordPress GDPR Compliant?
Yes, as of WordPress 4.9.6, the WordPress core software is GDPR compliant. WordPress core team has added several GDPR enhancements to make sure that WordPress is GDPR compliant. It’s important to note that when we talk about WordPress, we’re talking about self-hosted WordPress.org (see the difference: WordPress.com vs WordPress.org).
Having said that, due to the dynamic nature of websites, no single platform, plugin or solution can offer 100% GDPR compliance. The GDPR compliance process will vary based on the type of website you have, what data you store, and how you process data on your site.
Ok, so you might be thinking what does this mean in plain English?
Well, by default WordPress 4.9.6 now comes with the following GDPR enhancement tools:
Comments Consent
By default, WordPress used to store the commenters name, email and website as a cookie on the user’s browser. This made it easier for users to leave comments on their favorite blogs because those fields were pre-populated.
Due to GDPR’s consent requirement, WordPress has added the comment consent checkbox. The user can leave a comment without checking this box. All it would mean is that they would have to manually enter their name, email, and website every time they leave a comment.
Data Export and Erase Feature
WordPress offers site owners the ability to comply with GDPR’s data handling requirements and honor user’s request for exporting personal data as well as removal of user’s personal data.
The data handling features can be found under the Tools menu inside WordPress admin.
Privacy Policy Generator
WordPress now comes with a built-in privacy policy generator. It offers a pre-made privacy policy template and offers you guidance in terms of what else to add, so you can be more transparent with users in terms of what data you store and how you handle their data.
These three things are enough to make a default WordPress blog GDPR compliant. However, it is very likely that your website has additional features that will also need to be in compliance.
Depending on which WordPress plugins you are using on your website, you would need to act accordingly to make sure that your website is GDPR compliant.
A lot of the best WordPress plugins have already gone ahead and added GDPR enhancement features. Let’s take a look at some of the common areas that you would need to address:
Google Analytics
Like most website owners, you’re likely using Google Analytics to get website stats. This means that it is possible that you’re collecting or tracking personal data like IP addresses, user IDs, cookies and other data for behavior profiling. To be GDPR compliant, you need to do one of the following:
Anonymize the data before storage and processing begins
Add an overlay to the site that gives notice of cookies and ask users for consent prior to tracking
Both of these are fairly difficult to do if you’re just pasting Google Analytics code manually on your site. However, if you’re using MonsterInsights, the most popular Google Analytics plugin for WordPress, then you’re in luck.
They have released an EU compliance addon that helps automate the above process. MonsterInsights also has a very good blog post about all you need to know about GDPR and Google Analytics (this is a must read if you’re using Google Analytics on your site).
Contact Forms
If you are using a contact form in WordPress, then you may have to add extra transparency measures especially if you’re storing the form entries or using the data for marketing purposes.
Below are the things you might want to consider for making your WordPress forms GDPR compliant:
Get explicit consent from users to store their information.
Get explicit consent from users if you are planning to use their data for marketing purposes (i.e adding them to your email list).
Disable cookies, user-agent, and IP tracking for forms.
Make sure you have a data-processing agreement with your form providers if you are using a SaaS form solution.
Comply with data-deletion requests.
Disable storing all form entries (a bit extreme and not required by GDPR). You probably shouldn’t do this unless you know exactly what you’re doing.
The good part is that if you’re using WordPress plugins like WPForms, Gravity Forms, Ninja Forms, Contact Form 7, etc, then you don’t need a Data Processing Agreement because these plugins DO NOT store your form entries on their site. Your form entries are stored in your WordPress database.
Simply adding a required consent checkbox with clear explanation should be good enough for you to make your WordPress forms GDPR compliant.
WPForms, the contact form plugin we use on WPBeginner, has added several GDPR enhancements to make it easy for you to add a GDPR consent field, disable user cookies, disable user IP collection, and disable entries with a single click.
Email Marketing Opt-in Forms
Similar to contact forms, if you have any email marketing opt-in forms like popups, floating bars, inline-forms, and others, then you need to make sure that you’re collecting explicit consent from users before adding them to your list.
This can be done with either:
Adding a checkbox that user has to click before opt-in
Simply requiring double-opt-in to your email list
Top lead-generation solutions like OptinMonster has added GDPR consent checkboxes and other necessary features to help you make your email opt-in forms compliant. You can read more about the GDPR strategies for marketers on the OptinMonster blog.
The WooCommerce team has prepared a comprehensive guide for store owners to help them be GDPR compliant.
Retargeting Ads
If your website is running retargeting pixels or retargeting ads, then you will need to get user’s consent. You can do this by using a plugin like Cooke Notices.
Best WordPress Plugins for GDPR Compliance
There are several WordPress plugins that can help automate some aspects of GDPR compliance for you. However, no plugin can offer 100% compliance due to the dynamic nature of websites.
Beware of any WordPress plugin that claims to offer 100% GDPR compliance. They likely don’t know what they’re talking about, and it’s best for you to avoid them completely.
Below is our list of recommended plugins for facilitating GDPR compliance:
MonsterInsights – if you’re using Google Analytics, then you should use their EU compliance addon.
WPForms – by far the most user-friendly WordPress contact form plugin. They offer GDPR fields and other features.
Cookies Notice – popular free plugin to add an EU cookie notice. Integrates well with top plugins like MonsterInsights and others.
OptinMonster – advanced lead generation software that offers clever targeting features to boost conversions while being GDPR compliant.
Shared Counts – instead of loading the default share buttons which add tracking cookies, this plugin load static share buttons while displaying share counts.
We will continue to monitor the plugin ecosystem to see if any other WordPress plugin stands out and offer substantial GDPR compliance features.
Final Thoughts
Whether you’re ready or not, GDPR will go in effect on May 25, 2018. If your website is not compliant before then, don’t panic. Just continue to work towards compliance and get it done asap.
The likelihood of you getting a fine the day after this rule goes in effect are pretty close to zero because the European Union’s website states that first, you’ll get a warning, then a reprimand and fines are the last step if you fail to comply and knowingly ignore the law.
The EU is not out to get you. They’re doing this to protect user’s data and restore people’s trust in online businesses. As the world goes digital, we need these standards. With the recent data breaches of large companies, it’s important that these standards are adopted globally.
It will be good for all involved. These new rules will help boost consumer confidence and in turn help grow your business.
We hope this article helped you learn about WordPress and GDPR compliance. We will do our best to keep it updated as more information or tools get released.
We are not lawyers. Nothing on this website should be considered legal advice. Due to the dynamic nature of websites, no single plugin or platform can offer 100% legal compliance. When in doubt, it’s best to consult a specialist internet law attorney to determine if you are in compliance with all applicable laws for your jurisdictions and your use cases.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok
By 
From porting playlists in music streaming services to health data from fitness trackers to our reams of photos and videos, the DTP could be a boon for startups. Incumbent tech giants maintain a huge advantage in popularizing new functionality because they instantly interoperate with a user’s existing data rather than making them start from scratch. Even if a social networking startup builds a better location sharing feature, personalized avatar, or payment system, it might be a lot easier to use Facebook’s clone of it because that’s where your profile, friends, and photos live.
@zacharye
Image search engine optimization (SEO) is the practice of optimizing attributes associated with images.
These declines were even more drastic for large enterprise-level brands that had spent considerable effort optimizing their image catalogs, content management system (CMS), captions and eXtensible markup language (XML) sitemaps for the search engines.
Some properties were generous enough to go on the record with the increases they have witnessed.
In addition, I have seen a reluctance from many clients to spend resources on image optimization post-2013. They just didn’t feel that the benefit or traffic would be worth the resource cost. This lack of attention or resources placed into image optimization could have stunted the rebound as well.
